Hikvision IP camera/NVR firmware vulnerability
This blog contains information regarding the Hikvision IP camera/NVR firmware vulnerability. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog.

T-Update
Update October 29, 2021
15:00 | The majority of Hikvision cameras are susceptible to a critical unauthenticated remote code execution vulnerability. This permits an attacker to gain full control of the device.
A firmware update fixing the vulnerability was made available on the 19th of September. However, an increase in public attention has been noticed, due to a proof of concept being publicly released. This increases the likelihood of the vulnerability being actively exploited in the wild.
Hikvision camera systems are also sold under different brands. These systems may use the same firmware and are therefore potentially also vulnerable. No details are available regarding these products. It is advised to check for updates for your camera system.
Our advice is to check if any of your products is listed and apply the required firmware update as soon as possible. If the camera systems can’t be updated, it’s recommended to limit inbound network connections.
Background
Risk
The vulnerability CVE-2021-36260 allows a remote attacker to gain full control over the camera. The main risk is that access to the camera is used as a stepping stone to gain access to the rest of the IT infrastructure. Additionally, the camera(s) can be used in a botnet or to watch physical locations.
Hikvision has published a firmware update to resolve the vulnerability. It’s recommended to install the firmware update as soon as possible. This is a patch-now vulnerability, as a proof of concept has been released.
Advice